Although passed in the 2023 legislative session, the Colorado Job Application Fairness Act (JAFA) finally took effect on July 1, 2024. JAFA applies to private employers of all sizes (and their agents), as well as state or local government employers.

On July 10, 2024, the U.S. Department of Commerce’s Bureau of Industry and Security (“BIS”) published a new guidance document addressing risks associated with the export, reexport, and transfer of controlled items under the Export Administration Regulations (“EAR”). The guidance outlines both (1) methods by which BIS informs affected parties about export diversion risks, outside of its public screening lists and (2) BIS-recommended practices to comply with related regulations and mitigate diversion risks.

It has been another busy year for developments under the Illinois Biometric Information Privacy Act, 740 ILCS 14 et seq. (BIPA), with three recent decisions providing key insight into the scope and contours of the statute - specifically concerning what constitutes a biometric identifier/biometric information.

On July 25, 2024, in a unanimous decision, California’s Supreme Court ruled it was constitutional for companies such as Lyft, Uber and DoorDash to classify their drivers as gig workers, commonly referred to as independent contractors.

In the United States, cyber insurance underwriters have historically been concerned with assessing first-party exposure when a policyholder sustains a data security incident requiring crisis management, remediation, and computer system restoration; or assessing third-party exposure via data breaches or regulatory defenses and fines resulting from financial or health services sectorial privacy regulations. However, the very recent passing of numerous state general privacy laws, as well as the FTC‘s continued dedication toward exercising its Section 5 powers against “unfair or deceptive acts or practices,” may be broadening the scope of exposure to cyber insurance underwriters and forcing them to reconsider future cyber insurance coverage and exclusions. The FTC in particular has recently focused on one particular subcategory of privacy violation: “dark patterns.”

On May 31, 2024, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) listed four entities and one individual for promoting Iran’s unmanned aerial vehicle (UAV) program. U.S. Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson stated that Iran’s UAV program was supplying Russia’s arsenal in Ukraine, and OFAC’s latest move is part of ongoing efforts to counter Iran’s destabilizing actions.

Expanding upon prior decisions that support the use of insurance adjusted rates when mitigating future medical damage claims, the Fourth District Appellate Court recently ruled that in a personal injury action the defense is permitted to ask questions regarding future eligibility for Medicare without violating the collateral source rule. This decision allows the defense to introduce evidence of Medi-Cal and Medicare eligibility along with anticipated future costs at those significantly reduced rates. The Fourth District reasoned in its ruling that the collateral source rule was not violated because such evidence pertained to the value of future medical services, which is permitted according to well-established precedent.

On June 11, 2024, in its decision in the Celestial Aviation Services Limited v. UniCredit Bank GmbH case, the Court of Appeal for England and Wales ("Court") issued a significant ruling on the impact of U.K. and U.S. sanctions on payment obligations under letters of credit (“LCs”). While the court below found that UniCredit was obligated to pay the LCs, on appeal the Court determined that the imposition of sanctions imposed by the United Kingdom and the United States prevented payment on the LCs.